Endpoint Protection

 View Only
  • 1.  Automatic research of a risk with the SEP 12.1

    Posted Apr 30, 2014 08:34 AM

    Hi all,

    I want to know if a particular risk is present in my network.
    Now I'm able only to make  a research through the following steps:

    • Click on the Monitor link;
    • log type=risk
    • advanced settings ----> risk name = "I write the name of the risk"

    Is possible to make the same research of the risk automatically and in a scheduled mode using the SEP 12.1?

     

    Thanks

     



  • 2.  RE: Automatic research of a risk with the SEP 12.1

    Posted Apr 30, 2014 08:37 AM

    You can create alerts for these:

    Creating notifications in the Symantec Endpoint Protection Manager

    You won't be able to add a specific risk name. That functionality isn't possible yet. It will just be any time a risk is found regardless.

    Perhaps you can create an idea for it though.



  • 3.  RE: Automatic research of a risk with the SEP 12.1

    Posted Apr 30, 2014 08:54 AM

    You cann't add Singal/Specify name in risk notification.

    See mithun comments

    Yes, you can create notification for the same. Check these steps:

    • SEPM >> Monitors page >> Notifications >> Notification Conditions
    • Add >> and you have two options here
    • You can select "New Risk Detected" or "Single Risk event"
    • Edit each as you see fit and save them.

    However, SEPM has few notifications which are preconfigured.

    In your case, SEPM has the "New risk detected", "Risk outbreak" and "Single risk event" preconfigured.

    Check this Article:

    About the preconfigured notifications

    http://www.symantec.com/docs/HOWTO55128

    http://www.symantec.com/connect/forums/how-get-notified-realtime-email-when-infected-items-detected

     



  • 4.  RE: Automatic research of a risk with the SEP 12.1

    Trusted Advisor
    Posted Apr 30, 2014 09:39 AM

    You could try suggesting it in the ideas section of the forum. If it gets enough votes symantec may take a look at implmenting. 

    https://www-secure.symantec.com/connect/security/ideas



  • 5.  RE: Automatic research of a risk with the SEP 12.1

    Broadcom Employee
    Posted Apr 30, 2014 10:19 AM

    Hi,

    Thank you for posting in Symantec community.

    It's not possible to achieve exactly what you are looking for. However will it be possible If you are receiving alerts on Microsoft outlook then configure rule to notify you if specific name is mentioned in the email.

    In SEP 12.1 there are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.

    Schedule Reports location: SEPM --> Reports --> Scheduled Reports
     
    Predefined Notifications location:
     
    SEPM--> Monitors--> Notifications --> View Notifications --> Notifications Conditions

    New Risk detected is one of the preconfigured notification.This notification triggers whenever a new risk is detected by virus and spyware scans. You can be notified by this alert then let it be any risk.